Hackers have struck one of the world’s largest internet dating websites, leaking the highly sensitive sexual information of almost four million users onto the web.
The stolen data reveals the sexual preferences of users, whether they’re gay or straight, and even indicates which ones might be seeking extramarital affairs. In addition, the hackers have revealed email addresses, usernames, dates of birth, postal codes and unique internet addresses of users’ computers.
Channel 4 News has been investigating the cyber underworld, discovering which websites have been hacked and exposing the trade in personal information of millions of people through so-called “dark web” sites.
The investigation led to a secretive forum in which a hacker nicknamed ROR[RG] posted the details of users of Adult FriendFinder. The site boasts 63 million users worldwide and claims more than 7 million British members. It bills itself as a “thriving sex community”, and as a result users often share sensitive sexual information when they sign up.
The information of 3.9m Adult FriendFinder members has been leaked, including those who told the site to delete their accounts.
Shaun Harper is one of those whose details have been published. “The site seemed OK, but when I got into it I realised it wasn’t really for me, I was looking for something longer term. But by that time I’d already given my information. You couldn’t get into the site without handing over information.
“I deleted my account, so I thought the information had gone. These sites are meant to be secure.”
Within hours of the data being leaked, hackers on the forum said they intended to hit victims with spam emails, and Mr Harper has been targeted with virused emails since his information was made public.
Online crime experts believe the after the initial spam email campaign, hackers will now begin trawling through the data for potential blackmail targets. The spreadsheets contain addresses linked to dozens of government and armed services personnel, including members of the British Army.
“Where you’ve got names, dates of birth, ZIP codes, then that provides an opportunity to actually target specific individuals whether they be in government or healthcare for example, so you can profile that person and send more targeted blackmail-type emails,” says Charlie McMurdie, a cybercrime specialist for PwC and former head of the Metropolitan Police‘s electronic crime unit.
The front page of Adult FriendFinder, which is based in California, features photos of dozens of attractive young women. Yet the hacked data, contained in 15 spreadsheets, reveals how few females appear to use Adult FriendFinder.
Among the 26,939 users with a UK email address, for example, there are just 1,596 who identified as female: a ratio of one woman to every 16 men.
FriendFinder Networks Inc, which owns Adult FriendFinder, told Channel 4 News:
“FriendFinder Networks Inc… understands and fully appreciates the seriousness of the issue.
“We have already begun working closely with law enforcement and have launched a comprehensive investigation with the help of leading third-party forensics expert.
“We pledge to take the appropriate steps needed to protect our customers if they are affected.”